Professional Documents
Culture Documents
Nadar Saraswathi College of Engineering and Technology, Theni
Nadar Saraswathi College of Engineering and Technology, Theni
Answer: d
Explanation: Due to high computational load ( thus being slow ) public key systems are not
preferred for large cryptosystems and large networks.
9. Which one of the following is not a public key distribution means? LT2
a) Public-Key Certificates
b) Hashing Certificates
c) Publicly available directories
d) Public-Key authority
Answer: b
Explanation: Hashing certificates is some I just made up. It doesn’t exist noob.
10. What is the PGP stand for? LT2
a) Permuted Gap Permission
b) Permuted Great Privacy
c) Pretty Good Permission
d) None of the mentioned
Answer: d
Explanation: PGP stands for Pretty Good Privacy.
11. Which systems use a timestamp? LT2
i) Public-Key Certificates
ii) Public announcements
Answer: c
Explanation: Public announcements and Public Certificates involve the use of timestamps.
12. Which of these systems use timestamps as an expiration date? LT1
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority
Answer: a
Explanation: Public key certificates use timestamps as expiration dates.
13. Which system uses a trusted third party interface? LT1
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority
Answer: a
Explanation: Public-Key certificates use a trusted third party interface.
14. Which of the following public key distribution systems is most secure? LT2
a) Public-Key Certificates
b) Public announcements
c) Publicly available directories
d) Public-Key authority
Answer: a
Explanation: Public certificates are the most secure key distribution/management systems right
now.
15. PGP makes use of which cryptographic algorithm? LT2
a) DES
b) AES
c) RSA
d) Rabin
Answer: c
Explanation: PGP recommends the use of RSA.
16. USENET is related to which of the following Public Key distribution schemes? LT2
a) Public-Key Certificates
b) Public announcements
Answer: b
Explanation: Many PGP users append their public key to messages that they send to public
forums, such as USENET and Internet mailing lists.
17. Publicly Available directory is more secure than which other system? LT1
a) Public-Key Certificates
b) Public announcements
c) Public-Key authority
d) None of the mentioned
Answer: b
Explanation: Publicly Available directory is more secure than Public announcements.
18. Extensions were added in which version? LT1
a) 1
b) 2
c) 3
d) 4
Answer: c
Explanation: Extensions to the X.509 certificates were added in version 3.
19. “Conveys any desired X.500 directory attribute values for the subject of this certificate.” LT2
Which Extension among the following does this refer to?
a) Subject alternative name
b) Issuer Alternative name
c) Subject directory attributes
d) None of the mentioned
Answer: c
Explanation: The Subject directory attributes has the function of conveying any desired X.500
directory attribute values for the subject of this certificate.”
20. Certificates generated by X that are the certificates of other CAs are Reverse Certificates. LT2
a) True
b) False
Answer: a
Explanation: The statement is true. Certificates of X generated by other CAs are forward
certificates.
21. 6. It is desirable to revoke a certificate before it expires because LT2
a) the user is no longer certified by this CA
b) the CA’s certificate is assumed to be compromised
c) the user’s private key is assumed to be compromised
d) all of the mentioned
Answer: d
Explanation: All of the options are true with regard to revocation of a certificate.
22. 7. CRL stands for LT1
a) Cipher Reusable List
b) Certificate Revocation Language
c) Certificate Revocation List
d) Certificate Resolution Language
Answer: c
Explanation: CRL stands for Certificate Revocation List.
23. Which of the following is not a part of an Extension? LT1
a) Extension Identifier
b) Extension value
c) Criticality Indicator
d) All of the mentioned constitute the Extension
Answer: d
Explanation: Extension Identifier, Extension value and the Criticality Indicator all constitue the
Extension header.
24. The criticality indicator indicates whether an extension can be safely ignored. LT2
a) True
b) False
Answer: a
Explanation: The statement is true.
25. The subject unique identifier of the X.509 certificates was added in which version? LT2
a) 1
b) 2
c) 3
d) 4
Answer: b
Explanation: The subject unique identifier was added in the 2nd version.
26. Which of the following is not an element/field of the X.509 certificates? LT2
a) Issuer Name
b) Serial Modifier
c) Issuer unique Identifier
d) Signature
Answer: b
Explanation: Serial Modifier is not an element/field of the X.509 certificates.
27. Suppose that A has obtained a certificate from certification authority X1 and B has obtained LT1
certificate authority from CA X2. A can use a chain of certificates to obtain B’s public key. In
notation of X.509, this chain is represented in the correct order as –
Answer: c
Explanation: The correct representation would be X1 X2 X2 B.
28. Larger networks would prefer a full decentralization. LT1
a) True
b) False
Answer: b
Explanation: Full decentralization is not practical for larger networks as there would be too many
connections.
29. Which of these is not a type of session key? LT2
a) PIN-encrypting key
b) File-encrypting key
c) Session encrypting key
d) Data encrypting key
Answer: c
Explanation: Data, PIN and File are the different session keys.
30. Which session key is used for electronic funds transfer and point of sale applications? LT2
a) Data-encrypting key
b) File-encrypting key
c) PIN-encrypting key
d) None of the mentioned
Answer: c
Explanation: PIN-encrypting key is the session key which is used for electronic funds transfer and
point of sale applications.
31. Sometimes a simple tag is introduced along with the session key. This tag has 8 bits. Which of the
following options is wrong?
a) One bit indicates whether the key is a session key or a master key
b) One bit indicates whether the key can be used for encryption
c) Three bit indicates whether the key can be used for decryption
d) Remaining bits are for future use
Answer: c
Explanation: One bit indicates whether the key can be used for decryption.
Answer: b
Explanation: Man is the middle attack is different from meet in the middle attack.
33. Which of the following is required to find the session key?
i) Control Vector
ii) Master Key
iii) Encrypted session Key
a) i)
b) i) and ii)
c) i) and iii)
d) i) ii) and iii)
Answer: d
Explanation: We require all three to find the session key.
34. Which is the correct representation for session key recovery for the plain text?
a) D ([Km XOR H], E([Km XOR H], Ks)
b) D([Km XOR H],Ks)
c) D ([Km XOR H], E([Km XOR H])
d) None of the mentioned
Answer: a
Explanation: The correct representation is D([Km XOR H], E([Km XOR H], Ks), to recover the
session key.
35. “Meet in the middle attack” is an attack
a) where the timing required for the attack via brute force is drastically reduced
b) where the adversary uses 2 or more machines to decrypt thus trying to reduce the time
c) where messages are intercepted and then either relayed or substituted with another message
d) where cryptanalysis takes lesser time than the brute force decryption
Answer: c
Explanation: “Meet in the middle attack” is an attack where messages are intercepted and then
either relayed or substituted with another message.
36. Hash Value = H = h(CV)
Key Input = Km XOR H
Ciphertext = E([Km XOR H],Ks)
What is CV here?
a) Cipher vector
Prepared By: Vignesh.L.S Page 7 of 8
NADAR SARASWATHI COLLEGE OF ENGINEERING AND TECHNOLOGY, THENI.
Course/Branch : B.E/ CSE Year / Semester :IV/VII Format
NAC/TLP-07a.13
No.
Subject Code :CS8792 Subject Name:Cryptography & Network Security Rev. No. 02
Unit No :4 Unit Name :Message Authentication & Integrity Date 30.09.2020
Answer: c
Explanation: CV is known as Control Vector.